kyverno/pkg/resourcecache/main.go

package resourcecache

import (
	"github.com/go-logr/logr"
	dclient "github.com/kyverno/kyverno/pkg/dclient"
	"k8s.io/apimachinery/pkg/runtime/schema"
	"k8s.io/client-go/discovery"
	"k8s.io/client-go/dynamic/dynamicinformer"
	"k8s.io/client-go/rest"
)

// ResourceCacheIface - allows the creation, deletion and saving the resource informers as a cache
type ResourceCacheIface interface {
	RunAllInformers(log logr.Logger)
	CreateResourceInformer(log logr.Logger, resource string) (bool, error)
	StopResourceInformer(log logr.Logger, resource string) bool
	GetGVRCache(resource string) *GVRCache
}

// ResourceCache ...
type ResourceCache struct {
	dinformer dynamicinformer.DynamicSharedInformerFactory
	// match - matches the resources for which the informers needs to be created.
	// if the matches contains any resource name then the informers are created for only that resource
	// else informers are created for all the server supported resources
	match []string

	// excludes the creation of informers for a specific resources
	// if a specific resource is available in both match and exclude then exclude overrides it
	exclude []string

	// GVRCacheData - stores the informers and lister object for a resource.
	// it uses resource name as key (For ex :-  namespaces for Namespace, pods for Pod, clusterpolicies for ClusterPolicy etc)
	// GVRCache stores GVR (Group Version Resource) for the resource, Informer() instance and Lister() instance for that resource.
	GVRCacheData map[string]*GVRCache
}

// NewResourceCache - initializes the ResourceCache where it initially stores the GVR and Namespaced condition for the allowed resources in GVRCacheData
func NewResourceCache(log logr.Logger, config *rest.Config, dclient *dclient.Client, match []string, exclude []string) (ResourceCacheIface, error) {
	logger := log.WithName("resourcecache")
	discoveryIface := dclient.GetDiscoveryCache()
	cacheData := make(map[string]*GVRCache)

	dInformer := dclient.NewDynamicSharedInformerFactory(0)

	resCache := &ResourceCache{GVRCacheData: cacheData, dinformer: dInformer, match: match, exclude: exclude}

	if resCache.matchGVRKey("configmaps") {
		_, ok := resCache.GVRCacheData["configmaps"]
		if !ok {
			updateGVRCacheForConfigMap(resCache)
		}
	} else {
		err := updateGVRCache(logger, resCache, discoveryIface)
		if err != nil {
			logger.Error(err, "error in updateGVRCache function")
			return nil, err
		}
	}

	return resCache, nil
}

func updateGVRCacheForConfigMap(resc *ResourceCache) {
	gvrc := &GVRCache{
		GVR: schema.GroupVersionResource{
			Version:  "v1",
			Resource: "configmaps",
		},
		Namespaced: true,
	}

	resc.GVRCacheData["configmaps"] = gvrc
}

func updateGVRCache(log logr.Logger, resc *ResourceCache, discoveryIface discovery.CachedDiscoveryInterface) error {
	serverResources, err := discoveryIface.ServerPreferredResources()
	if err != nil {
		return err
	}

	for _, serverResource := range serverResources {
		groupVersion := serverResource.GroupVersion
		for _, resource := range serverResource.APIResources {
			gv, err := schema.ParseGroupVersion(groupVersion)
			if err != nil {
				return err
			}
			mok := resc.matchGVRKey(resource.Name)
			if !mok {
				continue
			}
			eok := resc.excludeGVRKey(resource.Name)
			if eok {
				continue
			}
			_, ok := resc.GVRCacheData[resource.Name]
			if !ok {
				gvrc := &GVRCache{GVR: gv.WithResource(resource.Name), Namespaced: resource.Namespaced}
				resc.GVRCacheData[resource.Name] = gvrc
			}
		}
	}

	return nil
}
Feature/configmaps var 724 (#1118) * added configmap data substitution for foreground mutate and validate * added configmap data substitution for foreground mutate and validate fmt * added configmap lookup for background * added comments to resource cache * added configmap data lookup in preConditions * added parse strings in In operator and configmap lookup docs * added configmap lookup docs * modified configmap lookup docs 2020-09-23 02:41:49 +05:30			`package resourcecache`

			`import (`
			`"github.com/go-logr/logr"`
update nirmata/kyverno to kyverno/kyverno 2020-10-07 11:12:31 -07:00			`dclient "github.com/kyverno/kyverno/pkg/dclient"`
Feature/configmaps var 724 (#1118) * added configmap data substitution for foreground mutate and validate * added configmap data substitution for foreground mutate and validate fmt * added configmap lookup for background * added comments to resource cache * added configmap data lookup in preConditions * added parse strings in In operator and configmap lookup docs * added configmap lookup docs * modified configmap lookup docs 2020-09-23 02:41:49 +05:30			`"k8s.io/apimachinery/pkg/runtime/schema"`
			`"k8s.io/client-go/discovery"`
			`"k8s.io/client-go/dynamic/dynamicinformer"`
			`"k8s.io/client-go/rest"`
			`)`

			`// ResourceCacheIface - allows the creation, deletion and saving the resource informers as a cache`
			`type ResourceCacheIface interface {`
			`RunAllInformers(log logr.Logger)`
			`CreateResourceInformer(log logr.Logger, resource string) (bool, error)`
			`StopResourceInformer(log logr.Logger, resource string) bool`
			`GetGVRCache(resource string) *GVRCache`
			`}`

			`// ResourceCache ...`
			`type ResourceCache struct {`
			`dinformer dynamicinformer.DynamicSharedInformerFactory`
			`// match - matches the resources for which the informers needs to be created.`
			`// if the matches contains any resource name then the informers are created for only that resource`
			`// else informers are created for all the server supported resources`
			`match []string`

			`// excludes the creation of informers for a specific resources`
			`// if a specific resource is available in both match and exclude then exclude overrides it`
			`exclude []string`

			`// GVRCacheData - stores the informers and lister object for a resource.`
			`// it uses resource name as key (For ex :- namespaces for Namespace, pods for Pod, clusterpolicies for ClusterPolicy etc)`
			`// GVRCache stores GVR (Group Version Resource) for the resource, Informer() instance and Lister() instance for that resource.`
			`GVRCacheData map[string]*GVRCache`
			`}`

increase memory limit to 256 Mi 2020-12-15 17:55:01 -08:00			`// NewResourceCache - initializes the ResourceCache where it initially stores the GVR and Namespaced condition for the allowed resources in GVRCacheData`
Feature/configmaps var 724 (#1118) * added configmap data substitution for foreground mutate and validate * added configmap data substitution for foreground mutate and validate fmt * added configmap lookup for background * added comments to resource cache * added configmap data lookup in preConditions * added parse strings in In operator and configmap lookup docs * added configmap lookup docs * modified configmap lookup docs 2020-09-23 02:41:49 +05:30			`func NewResourceCache(log logr.Logger, config rest.Config, dclient dclient.Client, match []string, exclude []string) (ResourceCacheIface, error) {`
			`logger := log.WithName("resourcecache")`
			`discoveryIface := dclient.GetDiscoveryCache()`
			`cacheData := make(map[string]*GVRCache)`

			`dInformer := dclient.NewDynamicSharedInformerFactory(0)`

			`resCache := &ResourceCache{GVRCacheData: cacheData, dinformer: dInformer, match: match, exclude: exclude}`

fix https://github.com/kyverno/kyverno/issues/1324 2020-11-30 12:54:48 -08:00			`if resCache.matchGVRKey("configmaps") {`
			`_, ok := resCache.GVRCacheData["configmaps"]`
			`if !ok {`
			`updateGVRCacheForConfigMap(resCache)`
			`}`
			`} else {`
Fix typo, add short names (#1344) * fix typo * add short names for report change request 2020-11-30 23:26:49 -08:00			`err := updateGVRCache(logger, resCache, discoveryIface)`
fix https://github.com/kyverno/kyverno/issues/1324 2020-11-30 12:54:48 -08:00			`if err != nil {`
Fix typo, add short names (#1344) * fix typo * add short names for report change request 2020-11-30 23:26:49 -08:00			`logger.Error(err, "error in updateGVRCache function")`
fix https://github.com/kyverno/kyverno/issues/1324 2020-11-30 12:54:48 -08:00			`return nil, err`
			`}`
Feature/configmaps var 724 (#1118) * added configmap data substitution for foreground mutate and validate * added configmap data substitution for foreground mutate and validate fmt * added configmap lookup for background * added comments to resource cache * added configmap data lookup in preConditions * added parse strings in In operator and configmap lookup docs * added configmap lookup docs * modified configmap lookup docs 2020-09-23 02:41:49 +05:30			`}`
fix https://github.com/kyverno/kyverno/issues/1324 2020-11-30 12:54:48 -08:00
Feature/configmaps var 724 (#1118) * added configmap data substitution for foreground mutate and validate * added configmap data substitution for foreground mutate and validate fmt * added configmap lookup for background * added comments to resource cache * added configmap data lookup in preConditions * added parse strings in In operator and configmap lookup docs * added configmap lookup docs * modified configmap lookup docs 2020-09-23 02:41:49 +05:30			`return resCache, nil`
			`}`

fix https://github.com/kyverno/kyverno/issues/1324 2020-11-30 12:54:48 -08:00			`func updateGVRCacheForConfigMap(resc *ResourceCache) {`
			`gvrc := &GVRCache{`
			`GVR: schema.GroupVersionResource{`
			`Version: "v1",`
			`Resource: "configmaps",`
			`},`
			`Namespaced: true,`
			`}`

			`resc.GVRCacheData["configmaps"] = gvrc`
			`}`

Fix typo, add short names (#1344) * fix typo * add short names for report change request 2020-11-30 23:26:49 -08:00			`func updateGVRCache(log logr.Logger, resc *ResourceCache, discoveryIface discovery.CachedDiscoveryInterface) error {`
Feature/configmaps var 724 (#1118) * added configmap data substitution for foreground mutate and validate * added configmap data substitution for foreground mutate and validate fmt * added configmap lookup for background * added comments to resource cache * added configmap data lookup in preConditions * added parse strings in In operator and configmap lookup docs * added configmap lookup docs * modified configmap lookup docs 2020-09-23 02:41:49 +05:30			`serverResources, err := discoveryIface.ServerPreferredResources()`
			`if err != nil {`
			`return err`
			`}`
fix https://github.com/kyverno/kyverno/issues/1324 2020-11-30 12:54:48 -08:00
Feature/configmaps var 724 (#1118) * added configmap data substitution for foreground mutate and validate * added configmap data substitution for foreground mutate and validate fmt * added configmap lookup for background * added comments to resource cache * added configmap data lookup in preConditions * added parse strings in In operator and configmap lookup docs * added configmap lookup docs * modified configmap lookup docs 2020-09-23 02:41:49 +05:30			`for _, serverResource := range serverResources {`
			`groupVersion := serverResource.GroupVersion`
			`for _, resource := range serverResource.APIResources {`
			`gv, err := schema.ParseGroupVersion(groupVersion)`
			`if err != nil {`
			`return err`
			`}`
			`mok := resc.matchGVRKey(resource.Name)`
			`if !mok {`
			`continue`
			`}`
			`eok := resc.excludeGVRKey(resource.Name)`
			`if eok {`
			`continue`
			`}`
			`_, ok := resc.GVRCacheData[resource.Name]`
			`if !ok {`
			`gvrc := &GVRCache{GVR: gv.WithResource(resource.Name), Namespaced: resource.Namespaced}`
			`resc.GVRCacheData[resource.Name] = gvrc`
			`}`
			`}`
			`}`
fix https://github.com/kyverno/kyverno/issues/1324 2020-11-30 12:54:48 -08:00
Feature/configmaps var 724 (#1118) * added configmap data substitution for foreground mutate and validate * added configmap data substitution for foreground mutate and validate fmt * added configmap lookup for background * added comments to resource cache * added configmap data lookup in preConditions * added parse strings in In operator and configmap lookup docs * added configmap lookup docs * modified configmap lookup docs 2020-09-23 02:41:49 +05:30			`return nil`
			`}`